Why Secure Coding is not Enough: Professionals’ Perspective

  • Chapter
ISSE 2009 Securing Electronic Business Processes

Abstract

This paper outlines basic concepts the software community must consider if it is to develop applications and software that are secure. In particular, it explains why the common practice of depending on secure coding mechanisms is not enough. Beginning with the drivers for more secure applications and software, and why this is now becoming such an issue, if not a new one, it examines why software and applications are delivered without security built into them, and goes on to discuss what we should be doing about it and how we need to go about it, sharing insights recently accumulated by the new and growing community of Certified Secure Software Development Lifecycle professionals.

Editor information

Norbert Pohlmann, Helmut Reimer, Wolfgang Schneider

Copyright information

© 2010 Vieweg+Teubner | GWV Fachverlage GmbH

About this chapter

Cite this chapter

Colley, J. (2010). Why Secure Coding is not Enough: Professionals’ Perspective. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2009 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9363-5_30

  • DOI: https://doi.org/10.1007/978-3-8348-9363-5_30

  • Publisher Name: Vieweg+Teubner

  • Print ISBN: 978-3-8348-0958-2

  • Online ISBN: 978-3-8348-9363-5

  • eBook Packages: Computer Science, Computer Science (R0)
